Ellen Messmer reports: An in-depth study of data-breach problems last year where hackers infiltrated 312 businesses to grab gobs of mainly customer payment-card information found the primary way they got in was through third-party vendor remote-access applications or VPN for systems maintenance. “The majority of our analysis of data-breach investigations — 76% — revealed that the third-party responsible for…
Category: Of Note
Law enforcement targeted by hackers
There have been a number of law enforcement-related web sites hacked since last June. Some of those hacks — like those involving the Arizona Department of Public Safety, BART, International Association of Chiefs of Police, Boston Police Patrolmen’s Association, Baldwin County Sheriff’s office in Alabama, Coalition of Law Enforcement and Retail (C.L.E.A.R.), the California Statewide Law…
SLC Police Department hack: hackers delete their own files after reiterating pledge not to expose residents’ personal info
Hacktivism raises all kinds of ethical issues. In an unusual move, hackers responsible for the hack of the Salt Lake City Police Department have deleted their copies of some of the files they had acquired from the PD’s web site. In announcing the hack on Tuesday, the hackers known as Kahuna and CabinCr3w indicated that…
NYSEG and RG&E Notify Customers of Unauthorized Access to Customer Data
From NYSEG: New York State Electric & Gas (NYSEG) and Rochester Gas and Electric (RG&E), subsidiaries of Iberdrola USA, today began sending precautionary notifications to customers advising them of unauthorized access to customer data. This situation involves an employee at an independent software development consulting firm (contracted by NYSEG and RG&E) who allowed unauthorized access…
(Follow-up) Agreement Reached With Metropolitan Life Insurance Co. Over Release of Some Customers’ Personally Identifiable Information
Attorney General George Jepsen and Consumer Protection Commissioner William Rubenstein have reached an agreement with Metropolitan Life Insurance Co. to provide additional protections to the current and former customers whose personal information was made public. Information of current and former MetLife customers was part of a spreadsheet posted to the Internet by an employee of…
Zappos hacked; notifying 24+ million Zappos.com and 6pm.com customers of breach and to reset passwords
Online retailer Zappos has been hacked. Its CEO, Tony Hsieh, posted a copy of an email notification explaining the breach to all employees with a copy of the email notification sent to customers: The following email was sent to our employees today: Subject: Important – Security Dear Zappos Employees – Please set aside 20 minutes to carefully…